首頁 探索 說明
登入
SoftwareDesign
/
csu3_am335x
8
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
csu3_am335x
/
EVSE
/
GPL
/
iptables-1.4.18
/
extensions
/
libxt_u32.c

libxt_u32.c 7.2 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279 
  1. /* Shared library add-on to iptables to add u32 matching,
    2. 

  2.  * generalized matching on values found at packet offsets
    3. 

  3.  *
    4. 

  4.  * Detailed doc is in the kernel module source
    5. 

  5.  * net/netfilter/xt_u32.c
    6. 

  6.  *
    7. 

  7.  * (C) 2002 by Don Cohen <don-netf@isis.cs3-inc.com>
    8. 

  8.  * Released under the terms of GNU GPL v2
    9. 

  9.  *
    10. 

  10.  * Copyright © CC Computer Consultants GmbH, 2007
    11. 

  11.  * Contact: <jengelh@computergmbh.de>
    12. 

  12.  */
    13. 

  13. #include <ctype.h>
    14. 

  14. #include <errno.h>
    15. 

  15. #include <stdint.h>
    16. 

  16. #include <stdlib.h>
    17. 

  17. #include <stdio.h>
    18. 

  18. #include <xtables.h>
    19. 

  19. #include <linux/netfilter/xt_u32.h>
    20. 

  20. 

  21. enum {
    22. 

  22. 	O_U32 = 0,
    23. 

  23. };
    24. 

  24. 

  25. static const struct xt_option_entry u32_opts[] = {
    26. 

  26. 	{.name = "u32", .id = O_U32, .type = XTTYPE_STRING,
    27. 

  27. 	 .flags = XTOPT_MAND | XTOPT_INVERT},
    28. 

  28. 	XTOPT_TABLEEND,
    29. 

  29. };
    30. 

  30. 

  31. static void u32_help(void)
    32. 

  32. {
    33. 

  33. 	printf(
    34. 

  34. 		"u32 match options:\n"
    35. 

  35. 		"[!] --u32 tests\n"
    36. 

  36. 		"\t\t""tests := location \"=\" value | tests \"&&\" location \"=\" value\n"
    37. 

  37. 		"\t\t""value := range | value \",\" range\n"
    38. 

  38. 		"\t\t""range := number | number \":\" number\n"
    39. 

  39. 		"\t\t""location := number | location operator number\n"
    40. 

  40. 		"\t\t""operator := \"&\" | \"<<\" | \">>\" | \"@\"\n");
    41. 

  41. }
    42. 

  42. 

  43. static void u32_dump(const struct xt_u32 *data)
    44. 

  44. {
    45. 

  45. 	const struct xt_u32_test *ct;
    46. 

  46. 	unsigned int testind, i;
    47. 

  47. 

  48. 	printf(" \"");
    49. 

  49. 	for (testind = 0; testind < data->ntests; ++testind) {
    50. 

  50. 		ct = &data->tests[testind];
    51. 

  51. 

  52. 		if (testind > 0)
    53. 

  53. 			printf("&&");
    54. 

  54. 

  55. 		printf("0x%x", ct->location[0].number);
    56. 

  56. 		for (i = 1; i < ct->nnums; ++i) {
    57. 

  57. 			switch (ct->location[i].nextop) {
    58. 

  58. 			case XT_U32_AND:
    59. 

  59. 				printf("&");
    60. 

  60. 				break;
    61. 

  61. 			case XT_U32_LEFTSH:
    62. 

  62. 				printf("<<");
    63. 

  63. 				break;
    64. 

  64. 			case XT_U32_RIGHTSH:
    65. 

  65. 				printf(">>");
    66. 

  66. 				break;
    67. 

  67. 			case XT_U32_AT:
    68. 

  68. 				printf("@");
    69. 

  69. 				break;
    70. 

  70. 			}
    71. 

  71. 			printf("0x%x", ct->location[i].number);
    72. 

  72. 		}
    73. 

  73. 

  74. 		printf("=");
    75. 

  75. 		for (i = 0; i < ct->nvalues; ++i) {
    76. 

  76. 			if (i > 0)
    77. 

  77. 				printf(",");
    78. 

  78. 			if (ct->value[i].min == ct->value[i].max)
    79. 

  79. 				printf("0x%x", ct->value[i].min);
    80. 

  80. 			else
    81. 

  81. 				printf("0x%x:0x%x", ct->value[i].min,
    82. 

  82. 				       ct->value[i].max);
    83. 

  83. 		}
    84. 

  84. 	}
    85. 

  85. 	putchar('\"');
    86. 

  86. }
    87. 

  87. 

  88. /* string_to_number() is not quite what we need here ... */
    89. 

  89. static uint32_t parse_number(const char **s, int pos)
    90. 

  90. {
    91. 

  91. 	unsigned int number;
    92. 

  92. 	char *end;
    93. 

  93. 

  94. 	if (!xtables_strtoui(*s, &end, &number, 0, UINT32_MAX) ||
    95. 

  95. 	    end == *s)
    96. 

  96. 		xtables_error(PARAMETER_PROBLEM,
    97. 

  97. 			"u32: at char %d: not a number or out of range", pos);
    98. 

  98. 	*s = end;
    99. 

  99. 	return number;
    100. 

  100. }
    101. 

  101. 

  102. static void u32_parse(struct xt_option_call *cb)
    103. 

  103. {
    104. 

  104. 	struct xt_u32 *data = cb->data;
    105. 

  105. 	unsigned int testind = 0, locind = 0, valind = 0;
    106. 

  106. 	struct xt_u32_test *ct = &data->tests[testind]; /* current test */
    107. 

  107. 	const char *arg = cb->arg; /* the argument string */
    108. 

  108. 	const char *start = cb->arg;
    109. 

  109. 	int state = 0;
    110. 

  110. 

  111. 	xtables_option_parse(cb);
    112. 

  112. 	data->invert = cb->invert;
    113. 

  113. 

  114. 	/*
    115. 

  115. 	 * states:
    116. 

  116. 	 * 0 = looking for numbers and operations,
    117. 

  117. 	 * 1 = looking for ranges
    118. 

  118. 	 */
    119. 

  119. 	while (1) {
    120. 

  120. 		/* read next operand/number or range */
    121. 

  121. 		while (isspace(*arg))
    122. 

  122. 			++arg;
    123. 

  123. 

  124. 		if (*arg == '\0') {
    125. 

  125. 			/* end of argument found */
    126. 

  126. 			if (state == 0)
    127. 

  127. 				xtables_error(PARAMETER_PROBLEM,
    128. 

  128. 					   "u32: abrupt end of input after location specifier");
    129. 

  129. 			if (valind == 0)
    130. 

  130. 				xtables_error(PARAMETER_PROBLEM,
    131. 

  131. 					   "u32: test ended with no value specified");
    132. 

  132. 

  133. 			ct->nnums    = locind;
    134. 

  134. 			ct->nvalues  = valind;
    135. 

  135. 			data->ntests = ++testind;
    136. 

  136. 

  137. 			if (testind > XT_U32_MAXSIZE)
    138. 

  138. 				xtables_error(PARAMETER_PROBLEM,
    139. 

  139. 				           "u32: at char %u: too many \"&&\"s",
    140. 

  140. 				           (unsigned int)(arg - start));
    141. 

  141. 			return;
    142. 

  142. 		}
    143. 

  143. 

  144. 		if (state == 0) {
    145. 

  145. 			/*
    146. 

  146. 			 * reading location: read a number if nothing read yet,
    147. 

  147. 			 * otherwise either op number or = to end location spec
    148. 

  148. 			 */
    149. 

  149. 			if (*arg == '=') {
    150. 

  150. 				if (locind == 0) {
    151. 

  151. 					xtables_error(PARAMETER_PROBLEM,
    152. 

  152. 					           "u32: at char %u: "
    153. 

  153. 					           "location spec missing",
    154. 

  154. 					           (unsigned int)(arg - start));
    155. 

  155. 				} else {
    156. 

  156. 					++arg;
    157. 

  157. 					state = 1;
    158. 

  158. 				}
    159. 

  159. 			} else {
    160. 

  160. 				if (locind != 0) {
    161. 

  161. 					/* need op before number */
    162. 

  162. 					if (*arg == '&') {
    163. 

  163. 						ct->location[locind].nextop = XT_U32_AND;
    164. 

  164. 					} else if (*arg == '<') {
    165. 

  165. 						if (*++arg != '<')
    166. 

  166. 							xtables_error(PARAMETER_PROBLEM,
    167. 

  167. 								   "u32: at char %u: a second '<' was expected", (unsigned int)(arg - start));
    168. 

  168. 						ct->location[locind].nextop = XT_U32_LEFTSH;
    169. 

  169. 					} else if (*arg == '>') {
    170. 

  170. 						if (*++arg != '>')
    171. 

  171. 							xtables_error(PARAMETER_PROBLEM,
    172. 

  172. 								   "u32: at char %u: a second '>' was expected", (unsigned int)(arg - start));
    173. 

  173. 						ct->location[locind].nextop = XT_U32_RIGHTSH;
    174. 

  174. 					} else if (*arg == '@') {
    175. 

  175. 						ct->location[locind].nextop = XT_U32_AT;
    176. 

  176. 					} else {
    177. 

  177. 						xtables_error(PARAMETER_PROBLEM,
    178. 

  178. 							"u32: at char %u: operator expected", (unsigned int)(arg - start));
    179. 

  179. 					}
    180. 

  180. 					++arg;
    181. 

  181. 				}
    182. 

  182. 				/* now a number; string_to_number skips white space? */
    183. 

  183. 				ct->location[locind].number =
    184. 

  184. 					parse_number(&arg, arg - start);
    185. 

  185. 				if (++locind > XT_U32_MAXSIZE)
    186. 

  186. 					xtables_error(PARAMETER_PROBLEM,
    187. 

  187. 						   "u32: at char %u: too many operators", (unsigned int)(arg - start));
    188. 

  188. 			}
    189. 

  189. 		} else {
    190. 

  190. 			/*
    191. 

  191. 			 * state 1 - reading values: read a range if nothing
    192. 

  192. 			 * read yet, otherwise either ,range or && to end
    193. 

  193. 			 * test spec
    194. 

  194. 			 */
    195. 

  195. 			if (*arg == '&') {
    196. 

  196. 				if (*++arg != '&')
    197. 

  197. 					xtables_error(PARAMETER_PROBLEM,
    198. 

  198. 						   "u32: at char %u: a second '&' was expected", (unsigned int)(arg - start));
    199. 

  199. 				if (valind == 0) {
    200. 

  200. 					xtables_error(PARAMETER_PROBLEM,
    201. 

  201. 						   "u32: at char %u: value spec missing", (unsigned int)(arg - start));
    202. 

  202. 				} else {
    203. 

  203. 					ct->nnums   = locind;
    204. 

  204. 					ct->nvalues = valind;
    205. 

  205. 					ct = &data->tests[++testind];
    206. 

  206. 					if (testind > XT_U32_MAXSIZE)
    207. 

  207. 						xtables_error(PARAMETER_PROBLEM,
    208. 

  208. 							   "u32: at char %u: too many \"&&\"s", (unsigned int)(arg - start));
    209. 

  209. 					++arg;
    210. 

  210. 					state  = 0;
    211. 

  211. 					locind = 0;
    212. 

  212. 					valind = 0;
    213. 

  213. 				}
    214. 

  214. 			} else { /* read value range */
    215. 

  215. 				if (valind > 0) { /* need , before number */
    216. 

  216. 					if (*arg != ',')
    217. 

  217. 						xtables_error(PARAMETER_PROBLEM,
    218. 

  218. 							   "u32: at char %u: expected \",\" or \"&&\"", (unsigned int)(arg - start));
    219. 

  219. 					++arg;
    220. 

  220. 				}
    221. 

  221. 				ct->value[valind].min =
    222. 

  222. 					parse_number(&arg, arg - start);
    223. 

  223. 

  224. 				while (isspace(*arg))
    225. 

  225. 					++arg;
    226. 

  226. 

  227. 				if (*arg == ':') {
    228. 

  228. 					++arg;
    229. 

  229. 					ct->value[valind].max =
    230. 

  230. 						parse_number(&arg, arg-start);
    231. 

  231. 				} else {
    232. 

  232. 					ct->value[valind].max =
    233. 

  233. 						ct->value[valind].min;
    234. 

  234. 				}
    235. 

  235. 

  236. 				if (++valind > XT_U32_MAXSIZE)
    237. 

  237. 					xtables_error(PARAMETER_PROBLEM,
    238. 

  238. 						   "u32: at char %u: too many \",\"s", (unsigned int)(arg - start));
    239. 

  239. 			}
    240. 

  240. 		}
    241. 

  241. 	}
    242. 

  242. }
    243. 

  243. 

  244. static void u32_print(const void *ip, const struct xt_entry_match *match,
    245. 

  245.                       int numeric)
    246. 

  246. {
    247. 

  247. 	const struct xt_u32 *data = (const void *)match->data;
    248. 

  248. 	printf(" u32");
    249. 

  249. 	if (data->invert)
    250. 

  250. 		printf(" !");
    251. 

  251. 	u32_dump(data);
    252. 

  252. }
    253. 

  253. 

  254. static void u32_save(const void *ip, const struct xt_entry_match *match)
    255. 

  255. {
    256. 

  256. 	const struct xt_u32 *data = (const void *)match->data;
    257. 

  257. 	if (data->invert)
    258. 

  258. 		printf(" !");
    259. 

  259. 	printf(" --u32");
    260. 

  260. 	u32_dump(data);
    261. 

  261. }
    262. 

  262. 

  263. static struct xtables_match u32_match = {
    264. 

  264. 	.name          = "u32",
    265. 

  265. 	.family        = NFPROTO_UNSPEC,
    266. 

  266. 	.version       = XTABLES_VERSION,
    267. 

  267. 	.size          = XT_ALIGN(sizeof(struct xt_u32)),
    268. 

  268. 	.userspacesize = XT_ALIGN(sizeof(struct xt_u32)),
    269. 

  269. 	.help          = u32_help,
    270. 

  270. 	.print         = u32_print,
    271. 

  271. 	.save          = u32_save,
    272. 

  272. 	.x6_parse      = u32_parse,
    273. 

  273. 	.x6_options    = u32_opts,
    274. 

  274. };
    275. 

  275. 

  276. void _init(void)
    277. 

  277. {
    278. 

  278. 	xtables_register_match(&u32_match);
    279. 

  279. }
    280.